Inline Reply On 2 March 2013 21:58, Constantine A. Murenin <mureninc@gmail.com> wrote:
Dear NANOG@,
I've had a Linode in Fremont, CA (within 173.230.144.0/20 and 2600:3c01::/32) for over a year, and, in addition to some development, I sometimes use it as an ssh-based personal SOCKS-proxy when travelling and having to use any kind of public WiFi.
Since doing so, I have noticed that most geolocation services think that I'm located in NJ (the state of the corporate headquarters of Linode), instead of Northern California (where my Linode is physically from, and, coincidentally or not, where I also happen to live, hence renting a Linode from a very specific location).
Additionally, it seems like both yelp.com and retailmenot.com block the whole 173.230.144.0/20 from their web-sites, returning some graphical "403 Forbidden" pages instead.
...
I would like to point out that 173.230.144.0/20 and 2600:3c01::/32, announced out of AS6939, are allocated by Linode from their own ARIN-assigned allocations, 173.230.128.0/19 and 2600:3C00::/30, which Linode, in turn with their other ARIN-assigned space, allocates to 4 of their distinct DCs in the US, in Dallas, Fremont, Atlanta and Newark.
However, Linode does not maintain any individual whois records of which DC they announce a given sub-allocation from. They also do not document their IPv6 assignments, either: if one of their customers misbehaves, the offended network would have no clue how to block just one customer, so, potentially, a whole set of customers may end up being blocked, through a wrong prefixlen assumption.
I've tried contacting Linode in regards to whois, giving an example of some other smaller providers (e.g. vr.org) that label their own sub-allocations within their ARIN-assigned space to contain an address of the DC where the subnet is coming from, and asked whether Linode could do the same; however, Linode informed me that they don't have any kind of mail service from the DCs they're at, and that their ARIN contact, effectively, said that they're already doing everything right in regards not having any extra whois entries with the addresses of their DC, since that would actually be wrong, as noone will be expecting mail for Linode at those addresses. (In turn, it's unclear whether a much smaller vr.org has mail service at nearly a dozen of the DCs that they have their servers at, and which they provide as the addresses in ARIN's whois, but I would guess that they do not.)
This would seem like a possible shortcoming of ARIN's policies and the whois database: with RIPE, every `netname` has a `country` associated with it, seemingly without any requirements of a mailing address where mail could be received; but with ARIN, no state is ever provided, only a mailing address. (I've also just noticed that RIPE whois now has an optional `geoloc` field in addition to the non-optional `country`.)
Now, back to ARIN: is Linode doing it right? Is vr.org doing it wrong? Are they both doing it correct, or are they both wrong?
You need to give me what you need to give me, but if you give me more am I going to complain? What about if you miss something?
And in regards to yelp and retailmenot; why are they blocking Linode customers in 173.230.144.0/20? I've tried contacting both on multiple
Could be many reasons, I suspect they get little legitimate traffic from there with their target audiences.
occasions, and have never received any replies from yelp, but retailmenot has replied several times with a blanket "someone may have tried to scrap, spam or proxy our site from this network". I have
Probably likely, many geo-restricted sites also block hosting providers.
repeatedly asked retailmenot if they'd block Verizon or AT&T if someone tries to scrap or spam their web-site from those networks, too, but have never received any replies. I have also tried
Residential provider: Block millions of users to stop a few scrapers. Hosting provider: Block a couple of users to block 90% of the scrapers, and all the places the scrapers go to when you block them.
contacting Linode regarding this issue, and although they were very patient and tried troubleshooting the problem, reporting that it appears that other addresses within 173.230.144.0/20 are likewise blocked, but some of their other address ranges at another DC are not, they have not been able to get in touch with anyone at yelp or retailmenot to isolate the problem.
Now, if you were operating yelp or rmn, would you not block an address range with a fishy geoloc like that of Linode? I'm somewhat convinced that 403 Forbidden stems entirely out of some logic that notes that the geoloc data is likely fishy, or which [erroneously] concludes that the address range is used for anonymity purposes.
Have you done a lot of 'looking up IP addresses'? Browse around some of the whois records from hosting providers, and see if you can figure out how much to block. IPv6 makes this even more fun, a /64 shared between customers or a /48 per server? have to read their site, traceroute, etc...
Anyhow. How do I get my geoloc to show Fremont, CA? And to have yelp stop returning 403 Forbidden?
SWIP? see owen.. If you can't get anyone who can change things to 'fix' it for you - Change provider*? - Mike *I'm sure if you 'can't find a suitable one' you'll get off list replies ;)